The sidebar contains information that relates to the page you are viewing. It features a link to page revision history, a watchlist star that lets you put the page into your watchlist or remove it, and three colored boxes displaying Tags, Incoming Links, and Attachments.

Toggling the sidebar. Clicking the V shape in the right-hand corner of the page will make the sidebar vanish. Click the > to bring back the sidebar.

The sidebar boxes are presented in the following order:

Tags. This is a list of all the Tags that have been applied to the page.

Incoming links. This is a list of all the pages that have a link to the page you are currently viewing.

Introduction

Socialtext has fine-grained authorization and access control, organized by user roles and permissions for each workspace. Socialtext predefines seven different types of workspace configurations that meet common needs. If you need different configurations, contact your appliance system administrator or, for the Socialtext hosted service, support@socialtext.com

Roles

Socialtext implements authorization by user roles. Each user role has a set of activities they are permitted to do (permissions). There are four user roles:

Guest

Anyone in the world who has web access to your appliance or the Socialtext hosted service. A guest user is anonymous and unidentified.

Authenticated user

Anyone who has registered and obtained a user account on your appliance or, for the Socialtext hosted service, with Socialtext. A user can register by setting a password, setting an optional full name, and replying to a confirmation email. The user only needs to register once for all login-to-edit public workspaces on the appliance or Socialtext hosted service.

Member

A registered user who is an invited member of a workspace. A member must be invited by a workspace administrator.

Workspace administrator (admin)

A member of a workspace who has been granted additional administrator privileges. An admin can delegate to or revoke administrative privileges from other users.

Workspaces and Roles

Each workspace has a set of permissions for each user role. A given user may play a different role in different workspaces. For example, a user can be an admin in one workspace and a guest in another. There are several standard workspace types that have permission sets and configurations to fit different needs. If needed, you can change the permissions of any user role to create custom permissions for a workspace.

Standard Workspace Types

Socialtext provides several different types of workspaces to fit different needs. Private workspaces are common for business use. Private workspaces are accessible only by members of that workspace. Alternatively, you can use public workspaces to share a workspace with others. The predefined workspace types are named by a permission set name. The predefined workspace types are:

Private workspace

By default, all workspaces are private. The workspace can only be accessed by members. By default, anyone can email into the workspace. You can ask your appliance administrator to change the configuration so the workspace accepts emails from authenticated users only, members only, or so that the workspace cannot receive any email. The permission set name for this workspace type is: member-only

roles/permissions

admin_workspace

attachments

comment

delete

edit

edit_controls

email_in

email_out

read

guest

X

authenticated user

X

member

X

X

X

X

X

X

X

workspace admin

X

X

X

X

X

X

X

X

Private Login-to-Edit workspace

Any authenticated user on your appliance or, for the Socialtext hosted service, an authenticated user of Socialtext can modify the workspace. However, the workspace remains inaccesible to guest users. The permission set name for this workspace type is: authenticated-user-only

roles/permissions

admin_workspace

attachments

comment

delete

edit

edit_controls

email_in

email_out

read

guest

authenticated user

X

X

X

X

X

X

X

member

X

X

X

X

X

X

X

workspace admin

X

X

X

X

X

X

X

X

Public Login-to-Edit workspace

The workspace is open to anyone to read. In order to modify the workspace, the user must be registered as an authenticated user. The permission set name for this workspace type is: public-authenticate-to-edit

roles/permissions

admin_workspace

attachments

comment

delete

edit

edit_controls

email_in

email_out

read

guest

X

X

authenticated user

X

X

X

X

X

X

X

member

X

X

X

X

X

X

X

workspace admin

X

X

X

X

X

X

X

X

Public Read-Only workspace

The workspace allows anyone to read the workspace. Only members can modify it. The permission set name for this workspace type is: public-read-only

roles/permissions

admin_workspace

attachments

comment

delete

edit

edit_controls

email_in

email_out

read

guest

X

authenticated user

X

member

X

X

X

X

X

X

X

workspace admin

X

X

X

X

X

X

X

X

Public Read-and-Comment-Only workspace

The workspace allows anyone to read the workspace and submit comments on pages. Only members can modify it. The permission set name for this workspace type is: public-comment-only

roles/permissions

admin_workspace

attachments

comment

delete

edit

edit_controls

email_in

email_out

read

guest

X

X

authenticated user

X

X

member

X

X

X

X

X

X

X

workspace admin

X

X

X

X

X

X

X

X

Fully Public workspace

The workspace is open to anyone to read, comment, or edit. However, guests and authenticated users are not able to do some potentially risky actions such as sending email, uploading files, and deleting pages. The permission set name for this workspace type is: public

roles/permissions

admin_workspace

attachments

comment

delete

edit

edit_controls

email_in

email_out

read

guest

X

X

X

X

authenticated user

X

X

X

X

member

X

X

X

X

X

X

X

workspace admin

X

X

X

X

X

X

X

X

Intranet

The intranet configuration is used most commonly on appliances. The workspace is open to anyone to read, comment, or edit. Guest users have all permissions available to members, including sending email, uploading files, and deleting pages. The permission set name for this workspace type is: intranet

roles/permissions

admin_workspace

attachments

comment

delete

edit

edit_controls

email_in

email_out

read

guest

X

X

X

X

X

X

X

authenticated user

X

X

X

X

X

X

X

member

X

X

X

X

X

X

X

workspace admin

X

X

X

X

X

X

X

X

Differences from Socialtext 1.9.4 and earlier

The authenticated user role enables a user to "sign their work" with their name and set personal preferences in public workspaces without needing to be an invited member of a workspace.

It solves a problem in previous versions, where guest users could set preferences which were recorded in a cookie. When the cookie expired, the users were not able to change those preferences.